Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/3815e3-d3a8-4b3c-a4b2-cb344f1800ed/1/nkm_AqdgrcdDszFPZGQsvTeQ99w.roa
File: nkm_AqdgrcdDszFPZGQsvTeQ99w.roa (raw, json)
Hash identifier: tWZj3SfE+CRbF9Ic1OICFS30cFtSOef9JMakRYCQj78=
Subject key identifier: 9E:49:BF:02:A7:60:AD:C7:43:B3:31:4F:64:64:2C:BD:37:90:F7:DC
Certificate issuer: /CN=d3d4e0da68c1446689419d103711b191ded567f4
Certificate serial: 01947D73773F63924C468D8C7E4B369DB81F
Authority key identifier: D3:D4:E0:DA:68:C1:44:66:89:41:9D:10:37:11:B1:91:DE:D5:67:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/09Tg2mjBRGaJQZ0QNxGxkd7VZ_Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/3815e3-d3a8-4b3c-a4b2-cb344f1800ed/1/nkm_AqdgrcdDszFPZGQsvTeQ99w.roa
Signing time: Sun 19 Jan 2025 07:25:06 +0000
ROA not before: Sun 19 Jan 2025 07:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31605
IP address blocks: 45.139.107.0/24 maxlen: 24
46.29.35.0/24 maxlen: 24
2a13:cec0::/29 maxlen: 29
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7d:73:77:3f:63:92:4c:46:8d:8c:7e:4b:36:9d:b8:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3d4e0da68c1446689419d103711b191ded567f4
Validity
Not Before: Jan 19 07:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e49bf02a760adc743b3314f64642cbd3790f7dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e4:98:60:7a:33:80:82:13:40:77:f8:8a:4c:
59:33:41:e3:d2:6a:b4:94:30:9f:1d:c7:94:d6:96:
1c:08:a0:3c:df:dd:0f:b2:9e:28:71:e3:07:5e:34:
d2:06:f1:5b:ef:4b:7c:88:60:1d:63:19:cd:89:80:
32:28:28:ed:5b:8c:cc:9b:81:4b:38:64:cd:04:3c:
cc:7f:a6:ce:0a:a2:ff:30:be:58:5b:94:79:79:1b:
eb:83:0a:a2:d3:aa:e5:d3:ee:9e:a5:48:6d:85:f8:
f9:fd:ec:3a:b0:62:93:57:06:58:fe:b5:d2:47:2f:
9b:cc:8f:da:a9:4a:f5:a8:63:7d:12:7b:ca:e4:92:
28:ee:3a:da:c6:b8:34:2a:0b:1e:a1:46:1b:6c:b2:
85:ec:88:d7:fe:82:20:e3:82:1a:25:7c:3f:51:c0:
85:6c:ba:db:bc:a5:a4:c7:e2:e3:c8:92:6d:0c:48:
37:77:1c:ee:6a:f8:ec:13:f6:01:b5:96:9e:d4:68:
ed:a6:56:59:fc:e3:25:78:7b:d9:21:31:3c:c5:c9:
63:00:3d:c9:74:56:ee:a2:2e:6e:fa:02:e4:bd:5b:
ae:02:d2:c7:b9:2b:55:38:fa:36:d2:ba:8d:b7:97:
05:90:e5:44:e1:4e:82:d5:ab:f0:dc:16:46:81:9f:
9c:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:49:BF:02:A7:60:AD:C7:43:B3:31:4F:64:64:2C:BD:37:90:F7:DC
X509v3 Authority Key Identifier:
keyid:D3:D4:E0:DA:68:C1:44:66:89:41:9D:10:37:11:B1:91:DE:D5:67:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/09Tg2mjBRGaJQZ0QNxGxkd7VZ_Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/3815e3-d3a8-4b3c-a4b2-cb344f1800ed/1/nkm_AqdgrcdDszFPZGQsvTeQ99w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/3815e3-d3a8-4b3c-a4b2-cb344f1800ed/1/09Tg2mjBRGaJQZ0QNxGxkd7VZ_Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.107.0/24
46.29.35.0/24
IPv6:
2a13:cec0::/29
Signature Algorithm: sha256WithRSAEncryption
13:f3:57:4c:43:31:18:76:2b:29:7a:22:ed:c2:c4:45:6c:4b:
65:38:bd:58:65:4d:a7:7c:4a:bf:a4:69:dd:fb:20:d3:5f:02:
17:fe:05:13:8d:d2:4e:e6:bf:22:20:52:ee:63:6c:f2:5d:1d:
77:9a:d0:3e:bb:39:4c:75:d6:19:be:b6:0a:47:96:eb:76:a7:
69:59:75:37:c2:29:13:56:ef:0d:f8:71:c8:b7:ed:82:e0:28:
04:f6:ed:ab:33:d6:1c:ed:ec:6c:23:35:df:bc:96:df:d4:f2:
b7:ac:37:8b:3d:01:72:e0:4c:96:7b:04:00:aa:a4:15:0b:83:
4e:50:35:9d:9e:c4:f6:03:d8:5a:33:63:5d:25:10:5c:8b:f1:
f5:3d:a2:fe:4e:ef:08:80:2c:cb:25:e0:0e:93:7b:29:e4:e3:
ca:2c:f7:3c:f6:88:b6:51:17:f8:8f:6f:c9:f6:e1:36:34:b0:
eb:5b:59:07:01:0a:62:5a:a9:46:85:9e:e5:6e:fc:0d:16:8c:
57:64:f3:93:eb:25:12:8b:da:7b:cc:2a:a3:24:c1:95:a9:6f:
00:8a:4f:89:d3:ec:49:9a:09:7f:e5:9f:f3:ed:02:1e:11:c3:
c6:58:5c:82:4c:ed:42:ec:6d:21:2c:d0:06:0a:1f:e5:77:41:
fb:7f:17:06
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZR9c3c/Y5JMRo2Mfks2nbgfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzZDRlMGRhNjhjMTQ0NjY4OTQxOWQxMDM3MTFiMTkxZGVk
NTY3ZjQwHhcNMjUwMTE5MDcyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQ5YmYwMmE3NjBhZGM3NDNiMzMxNGY2NDY0MmNiZDM3OTBmN2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7uSYYHozgIITQHf4ikxZM0Hj0mq0
lDCfHceU1pYcCKA8390Psp4oceMHXjTSBvFb70t8iGAdYxnNiYAyKCjtW4zMm4FL
OGTNBDzMf6bOCqL/ML5YW5R5eRvrgwqi06rl0+6epUhthfj5/ew6sGKTVwZY/rXS
Ry+bzI/aqUr1qGN9EnvK5JIo7jraxrg0KgseoUYbbLKF7IjX/oIg44IaJXw/UcCF
bLrbvKWkx+LjyJJtDEg3dxzuavjsE/YBtZae1GjtplZZ/OMleHvZITE8xcljAD3J
dFbuoi5u+gLkvVuuAtLHuStVOPo20rqNt5cFkOVE4U6C1avw3BZGgZ+c2wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJ5JvwKnYK3HQ7MxT2RkLL03kPfcMB8GA1UdIwQY
MBaAFNPU4NpowURmiUGdEDcRsZHe1Wf0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDlUZzJtakJSR2FKUVowUU54R3hrZDdWWl9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi8zODE1ZTMtZDNhOC00YjNjLWE0YjIt
Y2IzNDRmMTgwMGVkLzEvbmttX0FxZGdyY2REc3pGUFpHUXN2VGVROTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi8zODE1ZTMtZDNhOC00YjNjLWE0YjItY2IzNDRmMTgwMGVk
LzEvMDlUZzJtakJSR2FKUVowUU54R3hrZDdWWl9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQALYtrAwQA
Lh0jMA0EAgACMAcDBQMqE87AMA0GCSqGSIb3DQEBCwUAA4IBAQAT81dMQzEYdisp
eiLtwsRFbEtlOL1YZU2nfEq/pGnd+yDTXwIX/gUTjdJO5r8iIFLuY2zyXR13mtA+
uzlMddYZvrYKR5brdqdpWXU3wikTVu8N+HHIt+2C4CgE9u2rM9Yc7exsIzXfvJbf
1PK3rDeLPQFy4EyWewQAqqQVC4NOUDWdnsT2A9haM2NdJRBci/H1PaL+Tu8IgCzL
JeAOk3sp5OPKLPc89oi2URf4j2/J9uE2NLDrW1kHAQpiWqlGhZ7lbvwNFoxXZPOT
6yUSi9p7zCqjJMGVqW8Aik+J0+xJmgl/5Z/z7QIeEcPGWFyCTO1C7G0hLNAGCh/l
d0H7fxcG
-----END CERTIFICATE-----
Generated at Fri Apr 25 11:31:18 2025 by rpki-client